[Secure-testing-commits] r26834 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon May 5 20:32:48 UTC 2014
Author: carnil
Date: 2014-05-05 20:32:48 +0000 (Mon, 05 May 2014)
New Revision: 26834
Modified:
data/CVE/list
Log:
Update NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-05-05 15:20:08 UTC (rev 26833)
+++ data/CVE/list 2014-05-05 20:32:48 UTC (rev 26834)
@@ -262,7 +262,7 @@
CVE-2014-3009
RESERVED
CVE-2014-3008 (Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to ...)
- TODO: check
+ NOT-FOR-US: Unitrends Enterprise Backup
CVE-2014-3007 (Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might ...)
- pillow <unfixed> (bug #737059)
- python-imaging <removed>
@@ -295,11 +295,11 @@
CVE-2014-2995
RESERVED
CVE-2014-2994 (Stack-based buffer overflow in Acunetix Web Vulnerability Scanner ...)
- TODO: check
+ NOT-FOR-US: Acunetix Web Vulnerability Scanner
CVE-2014-2993 (The Birebin.com application for Android does not verify X.509 ...)
- TODO: check
+ NOT-FOR-US: Birebin.com application for Android
CVE-2014-2992 (The Misli.com application for Android does not verify X.509 ...)
- TODO: check
+ NOT-FOR-US: Misli.com application for Android
CVE-2014-2991
RESERVED
CVE-2014-2990
@@ -488,9 +488,9 @@
CVE-2014-2910
RESERVED
CVE-2014-2909 (CRLF injection vulnerability in the integrated web server on Siemens ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2014-2908 (Cross-site scripting (XSS) vulnerability in the integrated web server ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2014-2906 [unsafe temporary file creationg leading to privilege escalation]
RESERVED
- fish <unfixed> (low; bug #746259)
@@ -1020,7 +1020,7 @@
CVE-2014-2720
RESERVED
CVE-2014-2719 (Advanced_System_Content.asp in the ASUS RT series routers with ...)
- TODO: check
+ NOT-FOR-US: ASUS RT series routers
CVE-2014-2718
RESERVED
CVE-2014-2717
@@ -1442,7 +1442,7 @@
CVE-2014-2546
RESERVED
CVE-2014-2545 (TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2014-2544 (Unspecified vulnerability in Spotfire Web Player Engine, Spotfire ...)
NOT-FOR-US: Spotfire
CVE-2014-2543 (Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing ...)
@@ -2369,19 +2369,19 @@
CVE-2014-2187
RESERVED
CVE-2014-2186 (Cross-site request forgery (CSRF) vulnerability in the web framework ...)
- TODO: check
+ NOT-FOR-US: Cisco WebEx Meetings Server
CVE-2014-2185 (The Call Detail Records (CDR) Management component in Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2014-2184 (The IP Manager Assistant (IPMA) component in Cisco Unified ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Communications Manager
CVE-2014-2183 (The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2014-2182 (Cisco Adaptive Security Appliance (ASA) Software, when DHCPv6 replay ...)
- TODO: check
+ NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2014-2181
RESERVED
CVE-2014-2180 (The Document Management component in Cisco Unified Contact Center ...)
- TODO: check
+ NOT-FOR-US: Cisco Unified Contact Center Express
CVE-2014-2179
RESERVED
CVE-2014-2178
@@ -2433,7 +2433,7 @@
CVE-2014-2155 (The DHCPv6 server module in Cisco CNS Network Registrar 7.1 allows ...)
NOT-FOR-US: Cisco
CVE-2014-2154 (Memory leak in the SIP inspection engine in Cisco Adaptive Security ...)
- TODO: check
+ NOT-FOR-US: Cisco Adaptive Security Appliance
CVE-2014-2153
RESERVED
CVE-2014-2152
@@ -3586,15 +3586,15 @@
CVE-2014-1767
RESERVED
CVE-2014-1766 (Unspecified vulnerability in the kernel in Microsoft Windows 8.1 ...)
- TODO: check
+ NOT-FOR-US: Microsoft Windows
CVE-2014-1765 (Multiple use-after-free vulnerabilities in Microsoft Internet Explorer ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1764 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1763 (Use-after-free vulnerability in Microsoft Internet Explorer 11 allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1762 (Unspecified vulnerability in Microsoft Internet Explorer 11 allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2014-1761 (Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 ...)
NOT-FOR-US: Microsoft Word
CVE-2014-1760 (Microsoft Internet Explorer 11 allows remote attackers to execute ...)
@@ -3928,11 +3928,11 @@
CVE-2014-1649
RESERVED
CVE-2014-1648 (Cross-site scripting (XSS) vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Symantec Messaging Gateway
CVE-2014-1647 (Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2014-1646 (Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop ...)
- TODO: check
+ NOT-FOR-US: Symantec
CVE-2014-1645 (SQL injection vulnerability in forcepasswd.do in the management GUI in ...)
NOT-FOR-US: Symantec LiveUpdate Administrator
CVE-2014-1644 (The forgotten-password feature in forcepasswd.do in the management GUI ...)
@@ -4849,9 +4849,9 @@
CVE-2014-1323
RESERVED
CVE-2014-1322 (The kernel in Apple OS X through 10.9.2 places a kernel pointer into ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2014-1321 (Power Management in Apple OS X 10.9.x through 10.9.2 allows physically ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2014-1320 (IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple ...)
NOT-FOR-US: Apple
CVE-2014-1319 (Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows ...)
@@ -4861,11 +4861,11 @@
CVE-2014-1317
RESERVED
CVE-2014-1316 (Heimdal, as used in Apple OS X through 10.9.2, allows remote attackers ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2014-1315 (Format string vulnerability in CoreServicesUIAgent in Apple OS X ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2014-1314 (WindowServer in Apple OS X through 10.9.2 does not prevent session ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2014-1313 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
NOT-FOR-US: Webkit / if anything of this affects Chromium, the Chrome sec team will know and fix
CVE-2014-1312 (WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, ...)
@@ -5322,7 +5322,7 @@
CVE-2014-0933
RESERVED
CVE-2014-0932 (Cross-site scripting (XSS) vulnerability in IBM Sterling Order ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-0931
RESERVED
CVE-2014-0930
@@ -5402,7 +5402,7 @@
CVE-2014-0893
RESERVED
CVE-2014-0892 (IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-0891
RESERVED
CVE-2014-0890 (The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, ...)
@@ -5695,7 +5695,7 @@
CVE-2014-0781 (Heap-based buffer overflow in BKCLogSvr.exe in Yokogawa CENTUM CS 3000 ...)
NOT-FOR-US: Yokogawa CENTUM CS 3000
CVE-2014-0780 (Directory traversal vulnerability in NTWebServer in InduSoft Web ...)
- TODO: check
+ NOT-FOR-US: InduSoft Web Studio
CVE-2014-0779 (The PLC driver in ServerMain.exe in the Kepware KepServerEX 4 ...)
NOT-FOR-US: Schneider Electric
CVE-2014-0778 (The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows ...)
@@ -7302,7 +7302,7 @@
CVE-2014-0362
RESERVED
CVE-2014-0361 (The default configuration of IBM 4690 OS, as used in Toshiba Global ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2014-0360
REJECTED
CVE-2014-0359 (Xangati XSR before 11 and XNR before 7 allows remote attackers to ...)
More information about the Secure-testing-commits
mailing list